diff options
| author | Nick Kralevich <nnk@google.com> | 2014-07-09 12:39:21 -0700 |
|---|---|---|
| committer | Nick Kralevich <nnk@google.com> | 2014-07-09 12:40:13 -0700 |
| commit | e1695914d55d9ced3645fc532191970c9450e9e9 (patch) | |
| tree | 8b86ce62c6d24ab0f061b86446bf24c243f52d49 /rootdir/init.rc | |
| parent | 6e141aea189769a428a7da6c2206df6d0ed2c69d (diff) | |
| download | system_core-e1695914d55d9ced3645fc532191970c9450e9e9.tar.gz system_core-e1695914d55d9ced3645fc532191970c9450e9e9.tar.bz2 system_core-e1695914d55d9ced3645fc532191970c9450e9e9.zip | |
restorecon_recursive /cache
Make sure all files / directories within /cache are properly
labeled, not just the directory itself.
Addresses the following denial:
type=1400 audit(0.0:26): avc: denied { getattr } for comm="Thread-85" path="/cache/lost+found" dev="mmcblk0p27" ino=11 scontext=u:r:untrusted_app:s0 tcontext=u:object_r:unlabeled:s0 tclass=dir
Change-Id: I5937b30043efeb696ffaa77258b7294d20d1494e
Diffstat (limited to 'rootdir/init.rc')
| -rw-r--r-- | rootdir/init.rc | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/rootdir/init.rc b/rootdir/init.rc index a983f292d..e2bc5b352 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc @@ -189,13 +189,11 @@ on post-fs chown system cache /cache chmod 0770 /cache # We restorecon /cache in case the cache partition has been reset. - restorecon /cache + restorecon_recursive /cache # This may have been created by the recovery system with odd permissions chown system cache /cache/recovery chmod 0770 /cache/recovery - # This may have been created by the recovery system with the wrong context. - restorecon /cache/recovery #change permissions on vmallocinfo so we can grab it from bugreports chown root log /proc/vmallocinfo |